×
Siemens Industry Online Support
Siemens AG
Entry type: Product note Entry ID: 109769877, Entry date: 08/11/2019
(0)
Rate

Delivery Release for the RUGGEDCOM FIPS and CC certified products

  • Entry
  • Associated product(s)
Siemens has released RUGGEDCOM products with Federal Information Processing Standards (FIPS) and Common Criteria (CC) certifications.

Siemens has released the following RUGGEDCOM products with Federal Information Processing Standards (FIPS) publication 140-2 level 2 and Common Criteria (CC) certifications based on Network Device Protection Profile (NPcPP). The specific OS build is ROS 4.2.2F.

 

Product

FIPS certificate

CC certificate

RUGGEDCOM M2100F

Y

Y

RUGGEDCOM M2200F

Y

Y

RUGGEDCOM RSG2100F

Y

Y

RUGGEDCOM RSG2200F

Y

Y

RUGGEDCOM RS416F

Y

Y

RUGGEDCOM RS900F

Y

Y

RUGGEDCOM RS900GF

Y

Y

RUGGEDCOM RS940GF

Y

Y

RUGGEDCOM M969F

Y

Y

RUGGEDCOM RSG2488F

Y

Y

RUGGEDCOM RSG2100PF

N

Y

RUGGEDCOM RSG2300F

N

Y

RUGGEDCOM RSG2300PF

N

Y

RUGGEDCOM RS400F

N

Y

RUGGEDCOM RS416PF

N

Y

RUGGEDCOM RS900GPF

N

Y

 

1. Product description

The RUGGEDCOM ROS devices are utility-grade, fully-managed Ethernet products designed to operate reliably in electrically harsh and climatically demanding environments. The devices’ rugged hardware design, together with the embedded ROS version ROS 4.2.2.F, provides the system reliability and advanced cybersecurity and networking features required by FIPS and CC:

FIPS 140-2 - level 2:

  • FIPS approved algorithm implementations
  • User identification and authentication
    • Strong password application with brute force protection
    • RSA public key based via SSH; the key can be 2048 or 3072 bits in length.
  • Key management. All key generation, derivation, provisioning, destruction and storage, is FIPS-certified, including the keys that are permanent, ephemeral, agreed upon by protocol, user-provisioned, or automatically generated.
  • Cryptographic Self tests are performed automatically during the boot sequence and during runtime as certain conditions exist 
  • Protected operational environment – only FIPS-validated firmware can be executed
  • Physical security with tamper evidence covering  

Common Criteria - NDcPP v2.0:

  • Secure audit data generation, storage and logging via trusted channel
  • Cryptographic operations and key management with SSH, TLS and RBG support
    • AES data encryption/decryption
    • Signature generation and verification
    • Hash algorithms
  • Identification and authentication 
    • Password and RSA public-key authentication over SSH

    • Password via TLS

    • Full X509v3 validation of TLS server certificate

  • Managed and protected Security Functions  
    • Protected security data and administrations
    • Trusted firmware update
  • Access control –  session locking and termination  
  • Trusted path /channels

 

2. Order data

2.1 Product order data:

 

Product

Root MLFB

RUGGEDCOM M2100F

6GK60210MS3

RUGGEDCOM M2200F

6GK60220MS3

RUGGEDCOM RSG2100F

6GK60210AS3

RUGGEDCOM RSG2200F

6GK60220AS3

RUGGEDCOM RS416F

6GK60416AT3

RUGGEDCOM RS900F

6GK60900AS3

RUGGEDCOM RS900GF

6GK60900GS3

RUGGEDCOM RS940GF

6GK60940GS3

RUGGEDCOM M969F

6GK60968MS3

RUGGEDCOM RSG2488F

6GK60248GS3

RUGGEDCOM RSG2100PF

6GK60210PS3

RUGGEDCOM RSG2300F

6GK60230AS3

RUGGEDCOM RSG2300PF

6GK60230PS3

RUGGEDCOM RS400F

6GK60400AT3

RUGGEDCOM RS416PF

6GK60416PT3

RUGGEDCOM RS900GPF

6GK60900PS3

 

The RUGGEDCOM FIPS/CC products are build-to-order products. After the Sales Release (M280), the RUGGEDCOM Selector can be used for the selection and configuration of the complete order number. The RUGGEDCOM Selector is found at the following URL: www.siemens.com/ruggedcom-selector 


3. Application objective

The current product launch is dedicated to the US and Canada market only.

FIPS is mandated by law in the U.S. and very strictly enforced in Canada for the proper use of the standard methods of encryption in the networks at government agencies and departments. On the other hand, CC allows us to claim product security functionality with proof to conform to the standard - Network Device collaborative Protection Profile (NDcPP) version 2.

With these two certifications available, it will position our products better to tap into the government markets in North America.  


4. Technical data

All hardware performance and form factor specifications remain unchanged from non-FIPS/CC product versions.


Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit
https://www.siemens.com/cybersecurity#Ouraspiration.